Podcast 🎧 and blog: NCSI – How prepared is your country for a cyber attack?

21.10.2020 | Federico Plantera


| The project is responsive to the following SDGs of the United Nations: 17 |


It is probably since the discovery of fire that we learnt a crucial lesson – technology brings benefits, but also risks. Far be it from us to carry out an exegesis of all human explorations and inventions, it will be sufficient here to remember that the current Information Age, in that sense, makes no exception.

In Estonia, we came to formulate this understanding the hard way. In 2007, we became one of the first countries to suffer a coordinated cyber attack. Our innovation-driven society needed adequate protection and, soon, we developed appropriate countermeasures to shield our digital way of life from cyber threats.

Drawing inspiration (also) from that experience, experts at e-Governance Academy started wondering how secure national cyberspaces really are. Our National Cyber Security Index (NCSI) serves the purpose. Constantly updated and now live since 2016, aims to systematically assess countries’ preparedness in the event of cyber attacks.



Epp Maaten, Programme Director of National Cyber Security at the e-Governance Academy peeks into the main features and goals of the NCSI to explain how the Index makes a fundamental tool for capacity building on cybersecurity.

Read the blog post below or listen to the episode of the Digital Government Podcast!



Insecurity grows as cyber threats are on the rise

The increasing digitalization of information generates, as a collateral effect, reasons to worry. Potentially, any database or exchange practice involving valuable and sensitive data can become a good target for malicious actions. Recent reports have shown how cyber attacks are increasing (Bruegel, 2019; SonicWall, 2019), as well as the costs connected to them. The account grows as the weeks pass.

Just as an example, look at the long list of cyber incidents recorded by the Center for Strategic and International Studies in the past twelve months. We can find universities and ministries, parliament members, and large enterprises alike. The global edition of the 2019 Cyber Threat Report by SonicWall, among others, provides an accurate picture of the magnitude of this growing trend. Comparing last year’s data with 2017 records, we can see:

  • Malware attacks increasing by 22%, up to 10.5 billion cases;
  • Ransomware attacks increasing by 11%, up to 206.5 billion cases;
  • Intrusion attempts increasing by 38%, up to 3.9 trillion cases;
  • Web app attacks increasing by 56%, up to 26.8 million cases;
  • Attacks to Internet of Things (IoT) devices increasing by 217.5%, up to 32.7 million cases.

The research question at the basis of our NCSI, then, comes up almost naturally. “The cyberspace is changing constantly, and new threats are emerging. This puts a lot of pressure on people in governance, because the task to manage all these threats seems too complicated. However, universal in best practices around the world can help governments to cope with threats in the cybersphere. Many of these elements are listed in the NCSI,” Maaten explains.


NCSI – a tool for capacity building

One of the key strengths of e-Governance Academy’s NCSI is the provision of accurate, up-to-date public information on how prepared our states are in preventing cyber threats. “The vision was to develop a global index, a comprehensive evaluation tool on countries’ readiness to manage cyber incidents,” Maaten states.

We ultimated the formulation of our methodology in 2016. Spanning across 130 countries surveyed, the scope of the analysis revolves around 4 macro-areas, regrouping a total of 46 indicators:

  1. Legislation in force – legal acts, regulations, orders;
  2. Established units – existing organisations, departments;
  3. Cooperation formats – committees, working groups;
  4. Outcomes – policies, exercises, technologies, websites, programmes.



The Index presents a correlation (Difference) between NCSI scores and Digital Development Levels (DDL), assessing ICT dependency and risk prevention. “If the difference between the DDL and the NCSI scores is positive, the country’s cybersecurity policies are in accordance with – or ahead of – its digital development. A negative result shows, instead, that the country’s digital society is more advanced than the national cybersecurity area,” Maaten outlines.


“If the difference between the DDL and the NCSI scores is positive, the country’s cybersecurity policies are in accordance with – or ahead of – its digital development.”

-Epp Maaten-


It becomes clear that the main purpose of the Index is capacity building. Yes, the descriptive picture provided by the ranking gives us valuable state-of-the-art insights. But the NCSI carries also a crucial normative goal – it is the start of a conversation. How can we further improve our preparedness against changing cyber threats?


“There are no territorial borders in the cyberspace, therefore the problems – but also the solutions – are often very similar from place to place.”

-Epp Maaten-


“Allowing comparability between countries, breaking down scores into indicators, the Index enables a transnational, cooperative approach to cybersecurity. There are no territorial borders in the cyberspace, therefore the problems – but also the solutions – are often very similar from place to place,” Maaten highlights.


Beyond technology, operational efficiency is key

The organization of the indicators in macro-areas suggests some of the lines of actions that countries can undertake. “Among the main tools for governments we find laws and regulations. Thus, the first questions should be on how to start regulating national cybersecurity, and how to deal with current problems in the cyber world. Also, what are the institutions suitable for the task?” Maaten says.

“Governmental Computer Emergency Response Teams (CERT) can monitor the situation in a country’s own cyberworld and respond to cyber incidents. An approach based on Critical Information Infrastructure Protection (CIIP) is also useful, establishing rules for operators – private and public – in critical sectors of the economy. Organizational and operational aspects are very important because machines, by their part, usually do what they are told to do. First, we need the people,” Maaten points out.


“Good cybersecurity means that we have effective procedures in place to prevent, detect, and react to cyber incidents.”

-Epp Maaten-


This last appeal, in particular, seems to be firmly grounded in the spirit that first gave birth to the NCSI. “Good cybersecurity means that we have effective procedures in place to prevent, detect, and react to cyber incidents. To limit disruption, countermeasures should be pre-planned, discussed and agreed before a cyber attack even occurs,” Maaten concludes.

Cybersecurity is not only a matter of technical expertise, but also of competence, smart division of tasks,efficient resource allocation. In this respect, e-Governance Academy’s NCSI provides the interpretative tools to make the best of our national cybersecurity strategies.

Would you like to help us update your country information?